<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>+1</p>
<p>We would also strongly prefer that a standard TLS OV vetting
model be adopted, but preserving the inclusion of the subject:
organizationIdentifier attribute (in OV and SV certificates) which
seems to us an excellent idea to distinguish "ANY company called
ExampleCo or that it's THAT PARTICULAR company called ExampleCo
registered in New York ", a distinction that I believe ought
always be possible before relying on a" trusted "certificate.</p>
<p>Adriano</p>
<p><br>
</p>
<div class="moz-cite-prefix">Il 27/04/2022 15:04, Doug Beattie via
Smcwg-public ha scritto:<br>
</div>
<blockquote type="cite"
cite="mid:010001806b1f9633-b991fec0-bd9c-4ade-94fa-70ca530d6ff9-000000@email.amazonses.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style>@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}h2
{mso-style-priority:9;
mso-style-link:"Heading 2 Char";
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:18.0pt;
font-family:"Calibri",sans-serif;
color:black;}span.Heading2Char
{mso-style-name:"Heading 2 Char";
mso-style-priority:9;
mso-style-link:"Heading 2";
font-family:"Calibri",sans-serif;
color:black;
font-weight:bold;}span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}div.WordSection1
{page:WordSection1;}</style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span style="color:windowtext">Hi Stephen,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">Regarding
the vetting process, I’d like to add one more to your list
for consideration and that’s to use the standard TLS OV
vetting model from the BRs, section 3.2 vs OV+ as shown
below. Code Signing uses that same section as is, so for
me, it would make sense to also have a flavor of S/MIME that
uses that section without modification. Can we add a 4<sup>th</sup>
bullet to your agenda for that option to be considered?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">I also think
there is a discussion to be had on audit requirements for
Enterprise RA when adding a user’s name into the S/MIME
certificates, maybe for a future meeting.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">Doug<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="color:windowtext">From:</span></b><span
style="color:windowtext"> Smcwg-public
<a class="moz-txt-link-rfc2396E" href="mailto:smcwg-public-bounces@cabforum.org"><smcwg-public-bounces@cabforum.org></a> <b>On Behalf
Of </b>Stephen Davidson via Smcwg-public<br>
<b>Sent:</b> Tuesday, April 26, 2022 6:09 PM<br>
<b>To:</b> SMIME Certificate Working Group
<a class="moz-txt-link-rfc2396E" href="mailto:smcwg-public@cabforum.org"><smcwg-public@cabforum.org></a><br>
<b>Subject:</b> [Smcwg-public] Draft SMCWG agenda -
Wednesday, April 27, 2022<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<h2><a name="_Hlk72771135" moz-do-not-send="true">SMCWG Agenda<o:p></o:p></a></h2>
<h2><span style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">Draft SMCWG
agenda - Wednesday, April 27, 2022 at 11:00 am Eastern
Time<o:p></o:p></span></span></h2>
<h2><span style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">Here is a
draft agenda for the teleconference described in the
subject of this message. Please review and propose changes
if necessary.<o:p></o:p></span></span></h2>
<h2><span style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">1.
Roll Call <o:p></o:p></span></span></h2>
<h2><span style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">2.
Read Antitrust / Compliance Statement<o:p></o:p></span></span></h2>
<h2><span style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">3.
Review Agenda<o:p></o:p></span></span></h2>
<h2><span style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">4.
Approval of minutes from teleconference of April 13, 2022<o:p></o:p></span></span></h2>
<h2 style="margin-left:.5in;text-indent:-.5in"><span
style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">5.
Discussion <o:p></o:p></span></span></h2>
<h2 style="margin-left:.5in"><span
style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">Previous WG
discussions in 2021 focused upon whether the S/MIME BR
needed to establish the O is ANY company called ExampleCo
or that it's THAT PARTICULAR company called ExampleCo
registered in New York. Based on feedback from Cert
Consumers, WG discussion gravitated towards EV-like
vetting and the inclusion of a unique identifier in the
certificates (using the subject:organizationalIdentifer
from ETSI and the EVG rather than the layered EV JOI
attributes).<o:p></o:p></span></span></h2>
<h2 style="margin-left:.5in"><span
style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">Some CA
concern has now been raised regarding EV as the choice for
O vetting. Options to be discussed:<o:p></o:p></span></span></h2>
<h2 style="margin-left:.75in;text-indent:-.25in"><span
style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">• Go full
EV (as currently proposed in Section 3.2.3 [org vetting],
3.26 [validation of authority], and 3.2.8 [reliability of
sources] of the draft S/MIME BR, on basis has existing
CABF approval/audit criteria)<o:p></o:p></span></span></h2>
<h2 style="margin-left:.75in;text-indent:-.25in"><span
style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">• Use
modernized EV (what parts are best suited for the S/MIME
use case? Have heard proposals to remove physical and
operational presence, review roles, simplify the text)<o:p></o:p></span></span></h2>
<h2 style="margin-left:.75in;text-indent:-.25in"><span
style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">• Adopt
OV+ (restrict to Gov data sources or active/corroborated
LEI; provide more detail on attestations, roles)<o:p></o:p></span></span></h2>
<h2 style="margin-left:.5in"><span
style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">The goal is to
resolve this remaining issue so we can move to Pre-Ballot
discussion.<o:p></o:p></span></span></h2>
<h2><span style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">6.
Any other business <o:p></o:p></span></span></h2>
<h2 style="margin-left:.5in;text-indent:-.5in"><span
style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">7.
Next call: Wednesday, May 11, 2022 at 11:00 am Eastern
Time<o:p></o:p></span></span></h2>
<h2><span style="mso-bookmark:_Hlk72771135"><span
style="font-size:11.0pt;font-weight:normal">
Adjourn<o:p></o:p></span></span></h2>
<span style="mso-bookmark:_Hlk72771135"></span>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Smcwg-public mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Smcwg-public@cabforum.org">Smcwg-public@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://lists.cabforum.org/mailman/listinfo/smcwg-public">https://lists.cabforum.org/mailman/listinfo/smcwg-public</a>
</pre>
</blockquote>
</body>
</html>